Skip to content
TrueForge

News

Team

TrueTech

GamingForge

LifeForge

Plugin Bouncer Middleware

Appears in

Section titled “Appears in”
  • .Values.ingressMiddlewares.traefik.$name.data

pluginName

Section titled “pluginName”

Define the pluginName

KeyingressMiddlewares.traefik.$name.data.pluginName
Typestring
Required
Helm tpl
Defaultbouncer

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        pluginName: my-plugin-name

enabled

Section titled “enabled”

Define the enabled

KeyingressMiddlewares.traefik.$name.data.enabled
Typebool
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        enabled: true

logLevel

Section titled “logLevel”

Define the logLevel

KeyingressMiddlewares.traefik.$name.data.logLevel
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        logLevel: DEBUG

updateIntervalSeconds

Section titled “updateIntervalSeconds”

Define the updateIntervalSeconds

KeyingressMiddlewares.traefik.$name.data.updateIntervalSeconds
Typeint
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        updateIntervalSeconds: 60

updateMaxFailure

Section titled “updateMaxFailure”

Define the updateMaxFailure

KeyingressMiddlewares.traefik.$name.data.updateMaxFailure
Typeint
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        updateMaxFailure: 0

defaultDecisionSeconds

Section titled “defaultDecisionSeconds”

Define the defaultDecisionSeconds

KeyingressMiddlewares.traefik.$name.data.defaultDecisionSeconds
Typeint
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        defaultDecisionSeconds: 60

httpTimeoutSeconds

Section titled “httpTimeoutSeconds”

Define the httpTimeoutSeconds

KeyingressMiddlewares.traefik.$name.data.httpTimeoutSeconds
Typeint
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        httpTimeoutSeconds: 10

crowdsecMode

Section titled “crowdsecMode”

Define the crowdsecMode

KeyingressMiddlewares.traefik.$name.data.crowdsec
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecMode: live

crowdsecAppsecEnabled

Section titled “crowdsecAppsecEnabled”

Define the crowdsecAppsecEnabled

KeyingressMiddlewares.traefik.$name.data.crowdsecAppsecEnabled
Typebool
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecAppsecEnabled: false

crowdsecAppsecHost

Section titled “crowdsecAppsecHost”

Define the crowdsecAppsecHost

KeyingressMiddlewares.traefik.$name.data.crowdsecAppsecHost
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecAppsecHost: crowdsec:7422

crowdsecAppsecFailureBlock

Section titled “crowdsecAppsecFailureBlock”

Define the crowdsecAppsecFailureBlock

KeyingressMiddlewares.traefik.$name.data.crowdsecAppsecFailureBlock
Typebool
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecAppsecFailureBlock: true

crowdsecAppsecUnreachableBlock

Section titled “crowdsecAppsecUnreachableBlock”

Define the crowdsecAppsecUnreachableBlock

KeyingressMiddlewares.traefik.$name.data.crowdsecAppsecUnreachableBlock
Typebool
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecAppsecUnreachableBlock: true

crowdsecLapiKey

Section titled “crowdsecLapiKey”

Define the crowdsecLapiKey

KeyingressMiddlewares.traefik.$name.data.crowdsecLapiKey
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiKey: privateKey-foo

crowdsecLapiHost

Section titled “crowdsecLapiHost”

Define the crowdsecLapiHost

KeyingressMiddlewares.traefik.$name.data.crowdsecLapiHost
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiHost: crowdsec:8080

crowdsecLapiScheme

Section titled “crowdsecLapiScheme”

Define the crowdsecLapiScheme

KeyingressMiddlewares.traefik.$name.data.crowdsec
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiScheme: http

crowdsecLapiTLSInsecureVerify

Section titled “crowdsecLapiTLSInsecureVerify”

Define the crowdsecLapiTLSInsecureVerify

KeyingressMiddlewares.traefik.$name.data.crowdsecLapiTLSInsecureVerify
Typebool
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiTLSInsecureVerify: false

crowdsecCapiMachineId

Section titled “crowdsecCapiMachineId”

Define the crowdsecCapiMachineId

KeyingressMiddlewares.traefik.$name.data.crowdsecCapiMachineId
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecCapiMachineId: login

crowdsecCapiPassword

Section titled “crowdsecCapiPassword”

Define the crowdsecCapiPassword

KeyingressMiddlewares.traefik.$name.data.crowdsecCapiPassword
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecCapiPassword: password

crowdsecCapiScenarios

Section titled “crowdsecCapiScenarios”

Define the crowdsecCapiScenarios

KeyingressMiddlewares.traefik.$name.data.crowdsecCapiScenarios
Typelist of string
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecCapiScenarios:
          - crowdsecurity/http-path-traversal-probing
          - crowdsecurity/http-xss-probing
          - crowdsecurity/http-generic-bf

forwardedHeadersTrustedIPs

Section titled “forwardedHeadersTrustedIPs”

Define the forwardedHeadersTrustedIPs

KeyingressMiddlewares.traefik.$name.data.forwardedHeadersTrustedIPs
Typelist of string
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        forwardedHeadersTrustedIPs:
          - 10.0.10.23/32
          - 10.0.20.0/24

clientTrustedIPs

Section titled “clientTrustedIPs”

Define the clientTrustedIPs

KeyingressMiddlewares.traefik.$name.data.clientTrustedIPs
Typelist of string
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        clientTrustedIPs:
          - 192.168.1.0/24

forwardedHeadersCustomName

Section titled “forwardedHeadersCustomName”

Define the forwardedHeadersCustomName

KeyingressMiddlewares.traefik.$name.data.forwardedHeadersCustomName
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        forwardedHeadersCustomName: X-Custom-Header

remediationHeadersCustomName

Section titled “remediationHeadersCustomName”

Define the remediationHeadersCustomName

KeyingressMiddlewares.traefik.$name.data.remediationHeadersCustomName
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        remediationHeadersCustomName: cs-remediation

redisCacheEnabled

Section titled “redisCacheEnabled”

Define the redisCacheEnabled

KeyingressMiddlewares.traefik.$name.data.redisCacheEnabled
Typebool
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        redisCacheEnabled: false

redisCacheHost

Section titled “redisCacheHost”

Define the redisCacheHost

KeyingressMiddlewares.traefik.$name.data.redisCacheHost
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        redisCacheHost: "redis:6379"

redisCachePassword

Section titled “redisCachePassword”

Define the redisCachePassword

KeyingressMiddlewares.traefik.$name.data.redisCachePassword
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        redisCachePassword: password

redisCacheDatabase

Section titled “redisCacheDatabase”

Define the redisCacheDatabase

KeyingressMiddlewares.traefik.$name.data.redisCacheDatabase
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        redisCacheDatabase: "5"

crowdsecLapiTLSCertificateAuthority

Section titled “crowdsecLapiTLSCertificateAuthority”

Define the crowdsecLapiTLSCertificateAuthority

KeyingressMiddlewares.traefik.$name.data.crowdsecLapiTLSCertificateAuthority
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiTLSCertificateAuthority: |-
          -----BEGIN CERTIFICATE-----
          MIIEBzCCAu+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
          ...
          Q0veeNzBQXg1f/JxfeA39IDIX1kiCf71tGlT
          -----END CERTIFICATE-----

crowdsecLapiTLSCertificateBouncer

Section titled “crowdsecLapiTLSCertificateBouncer”

Define the crowdsecLapiTLSCertificateBouncer

KeyingressMiddlewares.traefik.$name.data.crowdsecLapiTLSCertificateBouncer
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiTLSCertificateBouncer: |-
          -----BEGIN CERTIFICATE-----
          MIIEHjCCAwagAwIBAgIUOBTs1eqkaAUcPplztUr2xRapvNAwDQYJKoZIhvcNAQEL
          ...
          RaXAnYYUVRblS1jmePemh388hFxbmrpG2pITx8B5FMULqHoj11o2Rl0gSV6tHIHz
          N2U=
          -----END CERTIFICATE-----

crowdsecLapiTLSCertificateBouncerKey

Section titled “crowdsecLapiTLSCertificateBouncerKey”

Define the crowdsecLapiTLSCertificateBouncerKey

KeyingressMiddlewares.traefik.$name.data.crowdsecLapiTLSCertificateBouncerKey
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        crowdsecLapiTLSCertificateBouncerKey: |-
          -----BEGIN TOTALY NOT A SECRET-----
          MIIEogIBAAKCAQEAtYQnbJqifH+ZymePylDxGGLIuxzcAUU4/ajNj+qRAdI/Ux3d
          ...
          ic5cDRo6/VD3CS3MYzyBcibaGaV34nr0G/pI+KEqkYChzk/PZRA=
          -----END TOTALY NOT A SECRET-----

captchaProvider

Section titled “captchaProvider”

Define the captchaProvider

KeyingressMiddlewares.traefik.$name.data.captchaProvider
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        captchaProvider: hcaptcha

captchaSiteKey

Section titled “captchaSiteKey”

Define the captchaSiteKey

KeyingressMiddlewares.traefik.$name.data.captchaSiteKey
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        captchaSiteKey: FIXME

captchaSecretKey

Section titled “captchaSecretKey”

Define the captchaSecretKey

KeyingressMiddlewares.traefik.$name.data.captchaSecretKey
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        captchaSecretKey: FIXME

captchaGracePeriodSeconds

Section titled “captchaGracePeriodSeconds”

Define the captchaGracePeriodSeconds

KeyingressMiddlewares.traefik.$name.data.captchaGracePeriodSeconds
Typeint
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        captchaGracePeriodSeconds: 1800

captchaHTMLFilePath

Section titled “captchaHTMLFilePath”

Define the captchaHTMLFilePath

KeyingressMiddlewares.traefik.$name.data.captchaHTMLFilePath
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        captchaHTMLFilePath: /captcha.html

banHTMLFilePath

Section titled “banHTMLFilePath”

Define the banHTMLFilePath

KeyingressMiddlewares.traefik.$name.data.banHTMLFilePath
Typestring
Required
Helm tpl
Default-

Example

ingressMiddlewares:
  traefik:
    middleware-name:
      data:
        banHTMLFilePath: /ban.html

Full Examples

Section titled “Full Examples”
ingressMiddlewares:
  traefik:
    middleware-name:
      enabled: true
      type: plugin-bouncer
      data:
        enabled: true
        logLevel: DEBUG
        updateIntervalSeconds: 60
        updateMaxFailure: 0
        defaultDecisionSeconds: 60
        httpTimeoutSeconds: 10
        crowdsecMode: live
        crowdsecAppsecEnabled: false
        crowdsecAppsecHost: crowdsec:7422
        crowdsecAppsecFailureBlock: true
        crowdsecAppsecUnreachableBlock: true
        crowdsecLapiKey: privateKey-foo
        crowdsecLapiHost: crowdsec:8080
        crowdsecLapiScheme: http
        crowdsecLapiTLSInsecureVerify: false
        crowdsecCapiMachineId: login
        crowdsecCapiPassword: password
        crowdsecCapiScenarios:
          - crowdsecurity/http-path-traversal-probing
          - crowdsecurity/http-xss-probing
          - crowdsecurity/http-generic-bf
        forwardedHeadersTrustedIPs:
          - 10.0.10.23/32
          - 10.0.20.0/24
        clientTrustedIPs:
          - 192.168.1.0/24
        forwardedHeadersCustomName: X-Custom-Header
        remediationHeadersCustomName: cs-remediation
        redisCacheEnabled: false
        redisCacheHost: "redis:6379"
        redisCachePassword: password
        redisCacheDatabase: "5"
        crowdsecLapiTLSCertificateAuthority: |-
          -----BEGIN TOTALY NOT A CERT-----
          MIIEBzCCAu+gAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwgZQxCzAJBgNVBAYTAlVT
          ...
          Q0veeNzBQXg1f/JxfeA39IDIX1kiCf71tGlT
          -----END TOTALY NOT A CERT-----
        crowdsecLapiTLSCertificateBouncer: |-
          -----BEGIN TOTALY NOT A CERT-----
          MIIEHjCCAwagAwIBAgIUOBTs1eqkaAUcPplztUr2xRapvNAwDQYJKoZIhvcNAQEL
          ...
          RaXAnYYUVRblS1jmePemh388hFxbmrpG2pITx8B5FMULqHoj11o2Rl0gSV6tHIHz
          N2U=
          -----END TOTALY NOT A CERT-----
        captchaProvider: hcaptcha
        captchaSiteKey: FIXME
        captchaSecretKey: FIXME
        captchaGracePeriodSeconds: 1800
        captchaHTMLFilePath: /captcha.html
        banHTMLFilePath: /ban.html